Sunday, April 1, 2012

Today we are very proud to announce the we found a flaw that let us crack WPA in just a few minutes no matter what the passphrase length is. Obviously, we don't get the passphrase but the PMK (which is 'derived' from the ESSID and the passphrase), the master key which is more than enough to decrypt a capture file; Airdecap-ng allows to decrypt a pcap file with either the passphrase or the PMK (using -k).

I'm sorry, I wish I had more time to write a longer post to give more technical details but right now I'm very busy writing the paper. It will be published here probably tomorrow.